Week 24 In Review – 2017

Security Fest – www.youtube.com
This summer, Göteborg became the most secure city in Sweden! We had a day filled with great talks by internationally renowned speakers on some of the most cutting edge and interesting topics in IT-Security.

List of Printers Which Do or Do Not Display Tracking Dots – www.eff.org
Some of the documents that we previously received through FOIA suggested that all major manufacturers of color laser printers entered a secret agreement with governments to ensure that the output of those printers is forensically traceable.

An Introduction to the CAN Bus: How to Programmatically Control a Car – news.voyage.auto
A modern car has tons of control systems, functioning in many ways like micro-services do in web development. Think of airbags, braking, cruise control, electric power steering, audio systems, power windows, doors, mirror adjustment, battery and recharging systems for electric cars.

Tools

SessionGopher – github.com
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

mazda_getInfo – github.com
A PoC that the USB port is an attack surface for a Mazda car’s infotainment system and how Mazda hacks are made

How a few yellow dots burned the Intercept’s NSA leaker – arstechnica.com
When reporters at The Intercept approached the National Security Agency on June 1 to confirm a document that had been anonymously leaked to the publication in May, they handed over a copy of the document to the NSA to verify its authenticity.

Malware Uses Router LEDs to Steal Data From Secure Networks – www.bleepingcomputer.com
Specially-designed malware installed on a router or a switch can take control over the device’s LEDs and use them to transmit data in a binary format to a nearby attacker, who can capture it using simple video recording equipment.

Sponsors

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.